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Top Stories 

• Federal prosecutors announced December 19 that Lockheed Martin Integrated Systems 
agreed to pay $27.5 million to resolve allegations that the defense contractor overbilled the 
federal government for work on two U.S. Army contracts. - Associated Press (See item 5 ) 

• A Delta Airlines baggage handler and three others were charged December 22 for an 
alleged weapons smuggling operation in which more than 129 firearms and ammunition 
were smuggled from Atlanta to New York in luggage. - ABC News (See item 9 ) 

• A former correctional officer at the John E. Goode Pretrial Detention Facility in 
Jacksonville, Florida, pleaded guilty December 22 to stealing personal information from 49 
inmates housed at the facility and using it to create fake debit card accounts and file fake 
tax returns. - WJXT 4 Jacksonville (See item 

• Staples officials released December 19 a list of 115 U.S. stores that were affected by a 
security breach that was announced in October and reported that an estimated 1.16 million 
payment cards were compromised. - CBS News (See item 2^ 
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Energy Sector 

1 . December 23, Bradford Era - (Pennsylvania) Gas pipeline company to pay $800K 
for violations in 4 counties including Potter. Tennessee Gas Pipeline Company will 
pay $800,000 in a settlement with the Pennsylvania Department of Environmental 
Protection for water law violations committed in 4 counties during the construction of a 
natural gas pipeline between 2011 and 2012, which included the discharge of sediment 
pollution into the waters of the commonwealth. 

Source: http://www.bradfordera.com/news/article f2610536-8a4b-l Ie4-a765- 
7b208el7c2c2.html 

2. December 23, Pittsburgh Tribune -Review — (Pennsylvania) Marcellus driller Vantage 
Energy to pay nearly $1M for Greene County well problems. The Pennsylvania 
Department of Environmental Protection announced December 22 that Vantage Energy 
will pay $999,900 in fines for damage to streams caused by a landslide and wastewater 
spill at its Greene County shale well pad in January. The company will also remove the 
blockage from the streams and restore the land around the Eranklin pad by the end of 
2015 as part of the settlement. 

Source: http://triblive.eom/business/headlines/7 431673 -7 4/vantage-based-dep 

3. December 22, U.S. Environmental Protection Agency - (West Virginia) XTO Energy, 
Inc. to restore areas damaged by natural gas extraction activities. XTO Energy, 
Inc., a subsidiary of ExxonMobil, reached a settlement with the U.S. Environmental 
Protection Agency, the U.S. Department of Justice, and the West Virginia Department 
of Environment Protection December 22 for violations of the Clean Water Act, 
resulting in the company paying about $3 million to restore 8 sites in West Virginia 
damaged by unauthorized discharges of fill material into streams and wetlands. The 
company will also pay a $2.3 million civil penalty. 

Source: 

http://vosemite.epa.gOv/opa/admpress.nsf/0/C909CD3C8EAPP45C85257DB6007518A 
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Chemical Industry Sector 

Nothing to report 
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Nuclear Reactors, Materials, and Waste Sector 

Nothing to report 
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Critical Manufacturing Sector 



4. December 23, U.S. Consumer Product Safety Commission — (International) Keurig 
recalls MINI Plus Brewing Systems due to burn hazard. Keurig Green Mountain 
announced a recall for around 7.1 million MINI Plus Brewing System model KIO 
coffee brewers in the U.S. and Canada due to the potential for the brewers to overheat 
and spray hot water at consumers. 

Source: http://www.cpsc.gov/en/Recalls/2015/Keurig-Recalls-MINI-Plus-Brewing- 
Systems/ 
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Defense Industrial Base Sector 

5. December 20, Associated Press - (Maryland; New Jersey) Lockheed Martin pays 
$27.5M in billing allegation. Federal prosecutors announced December 19 that 
Lockheed Martin Integrated Systems agreed to pay $27.5 million to resolve allegations 
that the defense contractor overbilled the federal government for work on 2 U.S. Army 
Communications and Electronics Command contracts at Fort Monmouth in New Jersey 
and the Aberdeen Proving Ground in Maryland. Officials allege that the contractor 
provided under-qualified employees for the work while billing the government at 
higher rates intended for qualified workers. 

Source: https://news.vahoo.eom/lockheed-martin-pavs-27-5m-002620492.html 
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Financial Services Sector 

6. December 22, Securityweek - (International) ‘Vawtrak’ banking malware continues 
to evolve. Researchers with Sophos identified a new variant of the Vawtrak banking 
malware (also known as NeverQuest or Snifula) that is capable of injecting a DLL into 
browser processes to infect users and compromise banking credentials. The malware 
variant is capable of disguising its communications and bypassing two-factor 
authentication, among other capabilities. 

Source: http://www.securitvweek.com/vawtrak-banking-malware-continues-evolve 

7. December 22, U.S. Securities and Exchange Commission — (International) SEC 
charges two traders in Chile with insider trading. The U.S. Securities and Exchange 
Commission filed charges December 22 against 2 business associates in Chile for 
allegedly using insider information that 1 of the individuals gained while serving as a 
member of the board of CFR Pharmaceuticals S.A. to make around $10.6 million in 
illicit profits. 

Source: http://www.sec.gov/news/pressrelease/2Q14-291.html 
For another story, see item 29 
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Transportation Systems Sector 



8. December 23, WLEX 18 Lexington - (Kentucky) 2 indicted on felony charges in 
highway copper thefts. Two individuals were charged by a Franklin County grand 
jury December 23 for the alleged theft of copper wire from lighting systems on 
Kentucky highways which caused an extensive amount of damage. 

Source: http://www.lex 1 8 ■Com/storv/27 694720/2-indicted-on-felonv-charges-in- 
highway-copper-thefts 

9. December 22, ABC News - (Georgia; New York) Feds bust alleged Delta Airlines 
gun-smuggling ring. A baggage handler for Delta Airlines and 3 other accomplices 
were charged December 22 for an alleged weapons smuggling operation in which more 
than 129 firearms and ammunition were smuggled from Atlanta to New York through 
carry-on luggage. Authorities in New York arrested one co-conspirator after an 
investigation determined he was working with the Delta Airlines ramp agent/baggage 
handler in the scheme. 

Source: http://abcnews.go.com/US/feds-bust-alleged-delta-airlines-gun-smuggling- 
ring/story?id=27777273 

10. December 22, Contra Costa Times — (California) Brentwood: Teen killed in Highway 
4 crash early Monday. A driver was killed and a passenger was injured December 22 
on eastbound Highway 4 in Brentwood after the driver drifted over the double yellow 
lines and collided with another vehicle before overturning and causing eastbound lanes 
to close for over 3 hours. 

Source: http://www.contracostatimes.com/breaking-news/ci 27186693/brentwood- 
person-dies-crash-highwav-4-overpass 

11. December 19, WRTV 6 Indianapolis - (Indiana) Buses called after Polar Express 
derails. The Polar Express train derailed in Noblesville December 19 after 2 wheels 
detached mid-trip to Fishers from the Indiana Transportation Museum causing 
approximately 200 passengers to be transported on buses. Crews worked on repairs 
before service resumed. 

Source: http://www.theindvchannel.com/news/local-news/buses-called-after-polar- 
express-derails 
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Food and Agriculture Sector 

12. December 22, KEYC 12 Mankato - (Minnesota) 150 pigs killed in barn fire north of 
Vernon Center. A December 21 barn fire on a farm in Mankato caused between 
$400,000 and $500,000 in damage to the structure, a vehicle, and an office and ki lled 
about 150 pigs. A firewall inside the structure helped contain the blaze to a small 
portion of the barn. 

Source: http://www.kevc.eom/storv/27690441/150-pigs-killed-in-barn-fire-north-of- 
vemon-center 
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13. December 22, U.S. Department of Agriculture - (Georgia; Florida) Recall notification 
report 086-2014 (hickory smoked sliced bacon). The Food Safety and Inspection 
Service reported December 22 that Abe’s Finest Meats issued a recall for about 80,050 
pounds of Cedar Creek Hickory Smoked Sliced Bacon due to undeclared sodium nitrite 
that was caused by misbranding. The products were packaged in 10-pound bulk frozen 
packages and sent to distributors in Georgia and Florida. 

Source: http://www.fsis.usda.gov/wps/portal/fsis/topics/recalls-and-public-health- 
alerts/recall-case-archive/archive/2014/mr-086-2014 



14. December 22, U.S. Department of Agriculture - (International) Canadian firm recalls 
pork products produced without benefit of inspection. The Food Safety and 
Inspection Service (FSIS) announced December 22 that BMC Trading Inc., of Ontario, 
Canada, recalled about 26,108 pounds of Pork Leg Flank products that failed to present 
at the Canadian border for FSIS reinspection and was distributed into U.S. commerce. 
The products were produced on December 16 and were distributed to retail locations in 
Arizona for further processing. 

Source: http://www.fsis.usda.gov/wps/portal/fsis/topics/recalls-and-public-health- 
alerts/recall-case-archive/archi ve/20 1 4/recall-087 -201 4-release 
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Water and Wastewater Systems Sector 

15. December 22, KCBY 11 Coos Bay - (Oregon) Lakeside water treatment facility 
experiencing flooding. Workers at a water treatment facility in Lakeside, Oregon, 
were experiencing problems and had to shuttle to work via boat December 22 due to 
flooding caused by a storm. Officials said the high water levels did not affect the 
treatment facility because it is a non-combined sewer collection system. 

Source: http://www.kcbv.com/news/local/Lakeside-water-treatment-facility- 
experiencing-flooding-2866205 1 1 .html 

16. December 22, KSWB 69 San Diego - (California) Silver Strand State Beach reopens. 
A water contact closure was lifted at the Silver Strand State Beach in Coronado 
December 22 after tests confirmed that sewage-fouled flows no longer affected the 
area. The water contact closure was announced in early December due to rain-driven 
sewage contamination from the Tijuana River. 

Source: http://fox5sandiego.com/2014/12/22/silver-strand-state-beach-reopens/ 

For additional stories, see items 1, 2, and 3 
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Healthcare and Public Health Sector 

17. December 23, WFMZ 69 Allentown - (Pennsylvania) Easton Hospital agrees to 

$662,000 federal settlement. The U.S. Department of Justice announced December 23 
that the operators of Easton Hospital in Pennsylvania agreed to a $662,000 settlement 
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to resolve allegations of fraud under the False Claims Act after the hospital billed 
Medicare for procedures performed by a doctor that were only partially completed, 
never performed, or medically unnecessary. 

Source: http://www.wfmz.com/news/news-regional-lehighvallev/easton-hospital- 
agrees-to-662000-federal-settlement/30366220 

18. December 22, KRCR 7 Redding - (California) Records for 620 Mercy Medical 

cancer patients compromised. Mercy Medical Center in Redding notified 620 Dignity 
Health Mercy Oncology Center cancer patients after the hospital discovered December 
13 that the patients’ personal information was publicly accessible on a third-party Web 
site after a physician’s transcribed notes that were inadvertently linked to the site. The 
link was removed and technicians worked to eliminate any other cache pages or links 
could provide the information. 

Source: http://www.krcrtv.com/news/local/records-for-620-mercv-medical-cancer- 
patients-compromised/30359 140 
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Government Facilities Sector 

19. December 23, Wilmington News Journal - (Delaware) School bus crash sends 12 to 
hospitals. Eleven students and the bus driver were transported to area hospitals after a 
school bus at Shue-Medill Middle School in Ogletown struck a light pole in the school 
parking lot December 23. 

Source: http://www.delawareonline.com/storv/news/local/2014/12/23/school-bus- 
crash-sends-hospitals/2079933 1/ 

20. December 23, WYFF 4 Greenville - (South Carolina) Broken pipe spills jail sewage 
into Anderson City Hall. A sewage spill caused by a broken pipe damaged computers, 
file cabinets, and other equipment at Anderson City Hall in South Carolina December 
22 prompting the building’s closure for cleanup. The city hall will reopen December 
23. 

Source: http://www.wvff4.com/news/sewage-spill-shuts-down-anderson-city- 
hall/30363256 

21. December 22, York Dispatch - (Pennsylvania) Police: Students’ information 
compromised in South Western HS data breach. The school district notified an 
unknown number of students at South Western High School in Penn Township and 
their parents after an individual accessed students’ personal information. Police are 
investigating how the breach occurred and who is responsible. 

Source: http://www.vorkdispatch.com/breaking/ci 27 1 88043/police-students- 
information-compromised-south-westem-hs-data 
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Emergency Services Sector 



22. December 22, WJXT 4 Jacksonville - (Florida) Former correctional officer pleads 
guilty to wire fraud, ID theft. A former correctional officer at the John E. Goode 
Pretrial Detention Facility in Jacksonville pleaded guilty December 22 to stealing 
personal information from 49 inmates housed at the facility and using it to create fake 
debit card accounts and 38 fake W-2 forms claiming more than $250,000 in tax 
refunds. 

Source: http://www.news4iax.com/news/former-correctional-officer-pleads-guiltv-to- 
wire-fraud-id-theft/30357336 
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Information Technology Sector 

23. December 23, Softpedia - (International) The first polymorphic ransomware 
emerges, spreads on its own. Researchers with ESET and Sophos identified a new 
piece of ransomware known as VirEock or VirRansom that acts as a virus to infect 
several file types and scramble the files, then de-scrambles the files when a victim 
attempts to open them and installs the malware. The malware then locks the screen and 
demands a ransom be paid to unlock it. 

Source: http://news.softpedia.com/news/The-Eirst-Polvmorphic-Ransomware-Emerges- 
Spreads-Qn-Its-Own-468232.shtml 

24. December 23, Threatpost - (International) Apple patches NTP vulnerabilities in first 
automated patch. Apple released an automatic update for its Mac OS X operating 
system, closing several remotely exploitable vulnerabilities in Network Time Protocol 
(NTP) that could have allowed attackers to exploit buffer overflow vulnerabilities. 
Source: http://threatpost.com/apple-patches-ntp-vulnerabilities-in-first-automated- 
patch/ 110090 

25. December 23, Softpedia - (International) Security breach at NVIDIA triggers 
employee credentials reset. NVIDIA reset the credentials of an undisclosed number of 
employees’ accounts after an unauthorized intrusion into the company’s network 
occurred October 8 and was detected in early December. Security improvements were 
implemented to prevent future intrusions. 

Source: http://news.softpedia.com/news/Securitv-Breach-At-NVIDIA-Triggers- 
Employee-Credentials-Reset-468183.shtml 

26. December 22, Softpedia - (International) Tor exit node cluster shut down. The 
operator of a large Tor exit node cluster stated that his exit node cluster was tampered 
with and activity terminated December 21, and warned users not to use the affected exit 
nodes if they reappear online until an investigation is completed. 

Source: http://news.softpedia.com/news/Tor-Exit-Node-Cluster-Shut-Down- 
468160.shtml 
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Internet Alert Dashboard 



To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or 
visit their Web site: http://www.us-cert.gov 

Information on IT information sharing and analysis can be found at the IT ISAC (Information Sharing and 
Analysis Center) Web site: http://www.it-isac.org 
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Communications Sector 

Nothing to report 
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Commercial Facilities Sector 

27. December 23, WTOC 11 Savannah - (Georgia) Walmart on Ogeechee Road reopens 
after evacuation, threat. A Walmart store in Georgetown, Georgia, was closed for at 
least 2 hours December 22 while police investigated a bomb threat that prompted an 
evacuation of the business. The store was cleared to reopen after no explosive devices 
were found. 

Source: http://www.wtoc.com/storv/27690246/walmart-on-ogeechee-road-reopens- 
after-evacuation-threat 

28. December 22, Albuquerque Journal - (New Mexico) $32K in copper stolen from 
Albuquerque movie set, police say. One man was arrested and police are searching 
for 3 additional suspects in connection to the theft of more than $32,000 worth of 
copper wire from a 20th Century Fox movie shoot that had completed filming at the 
Winrock Shopping Mall in Albuquerque November 24. More than 800 pounds of the 
stolen wire was reportedly sold to recyclers. 

Source: http://www.abqiournal.com/516091/abqnewsseeker/32k-stolen-from- 
albuquerque-movie-set-police-say.html 

29. December 22, CBS News - (National) Staples says 1.16 million credit card numbers 
stolen in breach. Staples officials released December 19 a list of 1 15 U.S. stores that 
were affected by a security breach that was announced in October and reported that an 
estimated 1.16 million payment cards were compromised during the attack that started 
in July. The company stated that the company began removing the malware that 
infected the stores’ payment systems in September. 

Source: http://www.cbsnews.com/news/staples-savs-l-16-million-credit-card-numbers- 
stolen-in-breach/ 

30. December 22, WDTN 2 Dayton - (Ohio) Mall shooting over athletic shoes robbery 
attempt. Police are investigating after a juvenile brandished a gun during an attempted 
robbery outside of the Dayton Mall and was fatally shot by the individual who was 
targeted by the teen. Two juveniles were taken into custody while police work to 
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determine if they carried weapons during the incident. 

Source: http://wdtn.com/2014/12/22/mall-shooting-over-athletic-shoes 

31. December 22, KTHV 11 Little Rock - (Arkansas) Early morning fire causes $300K in 
damage. A December 22 fire at the Forest Place Apartments complex in Little Rock 
caused an estimated $300,000 in damage. The cause of the fire is under investigation 
but is believed to be related to faulty wiring in the building. 

Source: http://www.thv 1 1 .com/storv/news/crime/20 1 4/1 2/22/earlv-morning- fire- 
breaks -out- at- apartment-complex/207 52371/ 

32. December 21, NHl.com - (New Hampshire) Families displaced after morning fire in 
Manchester. A 3-alarm fire at an Evergreen Property Management-owned 
condominium building in Manchester, New Hampshire, December 21 displaced more 
than 50 residents and caused about $750,000 in damage. Two firefighters suffered 
minor injuries while battling the blaze. 

Source: http://www.nhl.com/news/families-displaced-after-morning-fire-in-manchester 
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Dams Sector 



Nothing to report 
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About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] 
summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily 
Open Source Infrastructure Report is archived for 10 days on the Department of Homeland Security Web site: 
http://www.dhs.gov/IPDailvReport 

Contact Information 

Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS 

Daily Report Team at (703) 942-8590 

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow 

instructions to Get e-mail updates when this information changes . 

Removal from Distribution List: Send mail to support® govdeliverv.com . 



Contact DHS 

To report physical infrastructure incidents or to request information, please contact the National Infrastructure 
Coordinating Center at nicc@hq.dhs.gov or (202) 282-9201. 

To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or visit 
their Web page at www.us-cert.gov . 

Department of Homeland Security Disclaimer 

The DHS Daily Open Source Infrastracture Report is a non-commercial publication intended to educate and inform 
personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright 
restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source 
material. 
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